Here is something I don’t understand about the public flag of an image.
I added two remote servers, both are LXD servers, so this is using the
One server is in the same DNS domain, say
srv1.mydomain.top. The other is in another DNS domain, say
Both servers are added with the
--public flag so that no password is needed.
I can see all images on
srv1, public or not public.
I can only see public images on
What’s the magic here?
Most likely your client is trusted by srv1, so even though you told LXD that it’s a public image server, the fact that the client connects with its certificate gets you all images as your client is trusted by the server.
How did I make my client to be trusted by
BTW the client is not listening to port 8443
lxc config trust list I can show the trusted clients.
However, I’m sure I never instructed the server to trust the client. All I did was (on the client) to add the remote with the public flag. The server must have added the client automatically as “trusted”.
There is no code path for the server to automatically add a client as trusted.
The most likely reason why it is trusted is because you once did
lxc remote add without
--public and provided the trust password or use
lxc config trust add to get a token to use with
lxc remote add.
Yes, that is what I think has happened